I use OpenIddict in an ASP.NET Core 2.2 application with DefaultIdentity and the Implicit flow.
I am using AddEphemeralSigningKey(), but you cannot really use it for local testing since the token is immediately deleted.
So if I understand the documentation right, I need to use the AddSigningCertificate() function (see https://github.com/openiddict/openiddict-samples/blob/dev/samples/ImplicitFlow/AuthorizationServer/Startup.cs).
Is there a way to use the certificate that is created by the ASP.NET Core 2.2 SDK by default (see https://learn.microsoft.com/en-us/aspnet/core/release-notes/aspnetcore-2.1?view=aspnetcore-2.2#on-by-default)?
I don't recommend using the X.509 certificate used by ASP.NET Core for TLS. If you need a stable certificate for local development purposes, consider using options.AddDevelopmentSigningCertificate(), which will generate an X.509 certificate, store it in your X.509 store and re-use it when you re-start the application
(note: certificate generation is only supported on .NET Core 2.x).
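
An added example, not part of the answer above and not code from the OpenIddict project: one way to keep token signing separate from the TLS certificate, using the development signing certificate locally and a dedicated certificate from the store elsewhere. The helper names, the thumbprint parameter and the choice of the CurrentUser/My store are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.DependencyInjection;

// Hypothetical helper (name is an assumption). Call it inside AddServer(options => ...),
// e.g. options.AddSigningCredentials(env, thumbprintFromConfiguration);
public static class SigningCredentialsSetup
{
    public static OpenIddictServerBuilder AddSigningCredentials(
        this OpenIddictServerBuilder options, IHostingEnvironment env, string thumbprint)
    {
        if (env.IsDevelopment())
        {
            // Generated once, kept in the X.509 store and reused across restarts,
            // so tokens issued before a restart still validate.
            return options.AddDevelopmentSigningCertificate();
        }

        // Outside development: a dedicated signing certificate, never the TLS one.
        return options.AddSigningCertificate(LoadSigningCertificate(thumbprint));
    }

    // Looks up a certificate by thumbprint and rejects ones that cannot sign tokens.
    public static X509Certificate2 LoadSigningCertificate(string thumbprint)
    {
        if (string.IsNullOrWhiteSpace(thumbprint))
            throw new InvalidOperationException("No signing certificate thumbprint configured.");

        // Assumption: the certificate lives in the CurrentUser/My store.
        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadOnly);
            var matches = store.Certificates.Find(
                X509FindType.FindByThumbprint, thumbprint, validOnly: false);

            if (matches.Count == 0)
                throw new InvalidOperationException("Signing certificate not found in store.");

            var certificate = matches[0];
            if (!certificate.HasPrivateKey)
                throw new InvalidOperationException("Signing certificate has no private key.");
            if (DateTime.Now < certificate.NotBefore || DateTime.Now > certificate.NotAfter)
                throw new InvalidOperationException("Signing certificate is outside its validity period.");

            return certificate;
        }
    }
}
```

Failing at startup when the certificate is missing, expired or lacks a private key surfaces the problem before any token is issued.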